Mail Policies

What are mail policies and how do they work?

Mail policies is an advance security feature of SkyConnect which allows you to control mail flow from and to users and groups on your domain.

For example, using mail policies you can allow only a certain set of users to communicate with users on Gmail. Similarly, another set can only communicate with users of your domain. Or you can control who can send out attachments of a certain type and who is allowed to receive attachments.

Types of policies

When defining mail policies, you have to define sender and recipient policies.Sender policies are applied when the user is sending mail and Recipient policies are applied when the user or group is receiving mail.

So if you want to stop all communications between a user john@yourdomain.com and a Gmail user jane@gmail.com, then you will have to define a sender and a recipient policy for john@yourdomain.com.

Similarly, if you have a distribution list called all@yourdomain.com which is to be used only for internal purposes and you want to block all external communications to this group id, you will have to define a sender and recipient policy for this id.

If a certain id can only receive mail such as info@yourdomain.com but cannot be used to send out mail, then a sender policy has to be defined for this user and no recipient policy.

Defining a policy

Sender and recipient policies are defined by a Default action and zero or more exceptions to the default action. The Default action can be either Allow or Block.

Exceptions have an associated action which is opposite to the default action. For example, if the Default action is Block, then the exceptions will define all the conditions under which the default action of Block is not applied and the mail flow is allowed. Similarly, if the Default action is Allow, then the exceptions will define all the conditions under which the mail flow is to be blocked.

The conditions for the exceptions are defined using the following parameters:

  • Sender for recipient policies and Recipient for sender policies
  • Mail size
  • Attachment size
Note: After encoding in the MIME format, the size of mail body or attachment increases by 33%. The encoding is required to convert 8 bit data to 7 bit data (suitable for transmission over the network). Hence to block the a mail of size 1 MB or 1024 KB, add a policy for mail size 1024 * 1.33 ~ 1366 KB.  In some cases where the mail/attachments may not be encoded, the mail/attachment size limit will be 1.33 MB.
  • Attachment count
  • Subject text
  • Body text
  • Attachment type

For each user or group you want to control, define the sender and recipient policies in a table as follows

User ID Default Sender Policy Exceptions To The Default Sender Policy  Default Recipient Policy Exceptions To The Default Recipient Policy

Sample Mail Policies

Allow users to receive mail but not to send

User ID Default Sender Policy Exceptions to the Default Sender Policy Default Recipient Policy Exceptions to the Default Recipient Policy
all users of domain block none allow none

Allow domain users to receive mail but restrict them from sending mail to any external domain

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all users of domain block allow when recipient is in domain yourdomain.com allow none

Restrict domain users to send and receive mail mail from yahoo.com and gmail.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all users of domain allow

1. block when recipient is in domain yahoo.com

2. block when recipient is in domain gmail.com

allow

1. block when sender is in domain yahoo.com

2. block when sender is in domain gmail.com

Disable all users from sending emails to a particular email id like md@domain.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all users of domain allow block sending to md@domain.com allow none

Allow only domain users to send emails to the group all@yourdomain.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow none block allow when sender is in domain yourdomain.com

Allow only users in group mgmnt to send emails to the group all@yourdomain.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow none block allow when sender is in group mgmnt@yourdomain.com

Allow only user md@yourdomain.com to send emails to the group all@yourdomain.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow none block allow when sender is md@yourdomain.com

Block only users of the group tempstaff@yourdomain.com to send emails to the group all@yourdomain.com

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow none allow block when sender is in tempstaff@yourdomain.com

Block users from sending attachments to Gmail

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow block when attachment count is greater than or equal to 1 and recipient is in domain gmail.com allow none

Block users from sending more than 5 attachments

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow block when attachment count is greater than 5 allow none

Block users from sending more than 2 MB of attachments

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow block when attachment size is greater than 2048 allow none

Block users from sending more mail with Happy Diwali in subject

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow block when subject has Happy Diwali allow none

Block users from sending gifs attachments

User ID Default Sender Policy Exceptions To The Default Sender Policy Default Recipient Policy Exceptions To The Default Recipient Policy
all@yourdomain.com allow block when attachment type is gif allow none

Configure the policies for your domain

Mail policies are configurable via the backend and we request you to send your requirements in a table as given above and mail to support@mithi.com. We will configure the same for you.